package com.snoweagler.verify;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import javax.annotation.Resource;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    AuthentionSuccessFilter authentionSuccessFilter;
    @Resource
    AuthentionFailerFilter authentionFailerFilter;
    @Resource
    UserDetailsService service;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.formLogin().loginPage("/tologin").loginProcessingUrl("/login")
                .successHandler(authentionSuccessFilter)
                .failureHandler(authentionFailerFilter)
                .and()
                .rememberMe()
                .and()
                .authorizeRequests() //对请求的路径进行认证
                .antMatchers("/tologin", "/login","/logout").permitAll() //需要放过的页面
                .anyRequest().authenticated() //其他的全部都需要认证
                .and()
                .logout().permitAll(); //放过退出请求
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        System.out.println(new BCryptPasswordEncoder().encode("123"));
        auth.userDetailsService(service).passwordEncoder(new BCryptPasswordEncoder());
    }
}
